Protect user accounts
Monitoring and protecting your application users
Sqreen blocks attacks in real-time, and links those attacks to users of your application. You can immediately react and take action for user accounts that put your application at risk.
Suspicious activities are also detected, such as account takeover attacks, password bruteforce, or stolen credentials.
You are notified whenever authenticated users attack your app, or whenever they attempt to hijack other user accounts.
Set up User Context
User Context can be set up in your application settings. 3 modes are available:
- Off: no user information is monitored
- Automatic: when your application is based on specific authentication frameworks, Sqreen can automatically monitor user accounts. See related section below.
- Advanced: Integrate our SDK and get advanced monitoring and protection support. See related section below.
Automatic User Context
Sqreen provides automated protection when your application is based on the following *authentication frameworks. Sqreen user protection will be enabled without any code modification in your application.
- Ruby: Devise >= 2.2.x
- Python: Django >= 1.6
- Node: Passport local >= 1.0 and Password HTTP >= 0.3
Ping us if your framework is missing, we will adjust on roadmap to help you integrate Sqreen without modifying your source code.
Advanced User Context
Sqreen provides advanced User Context, that allows you to set up your user account monitoring accurately and get even more flexibility.
You will need to integrate our SDK in your application (~10 minutes). Refer to the following sections according to your language:
A risk score is set to identify users that need special attention. Risk score can raise when such events are triggered:
- Attacks performed against your apps from authenticated users
- Unusual geographic locations or shared accounts
- Connections from Darknet (TOR, open proxies)
- Account takeover attacks, non human behaviors
User filters allow to quickly identify:
- User accounts shared between people
- User accounts connecting from TOR network
- Users with disposable email addresses
- Users who lost their password (3 successive authentication failures)